Krebs on Security

Microsoft Issues WanaCrypt Patch for Windows 8, XP

When files are deleted on removable media, it is stored in a special trash folder on the media. May 15, at It has plenty of extensions and plugins to do so much more than just web browsing. Why put out a patch or in this case and not give clear instructions on which version one should use. That code exists only on a device you own, limiting the ability for someone across the world to gain access to your information.

Did you find this page helpful?

My personal email and password were sitting right there for all to see. What was I going to do? I frantically started changing passwords, but it was too late. I couldn't change them fast enough, and over the next few weeks, I had to dispute unauthorized purchases at Walmart, Staples and Domino's.

Yes, someone actually stole my free pizza rewards. I spent hours on the phone with my bank and credit card companies to reverse these unauthorized charges. It was stressful and draining even if I was lucky enough to get my money -- and my pizza rewards -- back. And, worst of all -- it was completely avoidable.

Since that painful lesson, I've used a password manager. It changed my life, and it will change yours. These programs store all of your passwords in an encrypted vault that can only be opened by a master password you create and only you know.

Since the software can't even see that master password, you should use a unique password that you'll be able to remember -- but avoid all of those dead simple ones like birthdays or pet names that anyone could get from looking at your Facebook page. I personally ended up going with a service called LastPass. It was the cheapest of the three services I tested; it had rave reviews from many security experts; and it was easy to use.

LastPass also had all the features I was looking for like compatibility with Google Authenticator for extra security and a mobile app iOS and Android that works with my phone's fingerprint sensor.

It also notifies me when my passwords are weak or used on multiple websites, and will auto-generate passwords and sync across all my devices. To entice newcomers, the service allowed you to access select features for free on either the web or on a mobile device, but syncing between the two required a premium membership.

Not any more -- that service is now free. I always found paying what amounted to a dollar a month was a small price to pay for my online digital security. Now that it's free, there is no excuse not to be using the service. An argument against LastPass and other online password managers is that you are essentially providing a third party with complete access to your passwords -- and creating a single point of failure, a master key for your online identity.

What if the service were to get hacked and the information were to fall into the wrong hands? In fact, LastPass was hacked in -- but the results were actually encouraging. The hackers were able to access email addresses, password reminders and some other information, but they never got access to password data which is encrypted nor did they access the master passwords, which LastPass doesn't store.

LastPass encouraged users to change their master password, though, just to be safe. While LastPass appealed to me, it's not the only password manager out there. Other popular services include 1Password and Dashlane. There is also KeePass , which is free and open-source, and stores password information on your own computer rather than online and in the cloud. All are quite good, with different features and interfaces. I recommend researching all of them out to find the one that fits your needs.

So, in other words, it's not that different from searching for those holiday shopping bargains -- but the payoff can be a lot more beneficial. Whether you use a password manager or not, these tips will help keep your online activity safe and secure. I was lazy and used the same password over and over again. Don't be like me. Instead create a different password for each app, website and service that you use.

Always use a combination of complex characters, symbols, capital letters and, if possible, spaces. The success of such a password decryption or discovery task is ensured if you take into consideration the fact that instead of having a single workstation struggling to get the job done in hours, days or even more, with this application up to 10, computers can join forces to achieve the same goal.

With Elcomsoft Distributed Password Recovery, you can monitor the progress of the job and check out what each enlisted agent is doing from a centralized interface. In order to have the burden evenly distributed and for a more efficient use of the resources of each system involved, you can use the built-in scheduler feature and set the process priority individually.

Alerts and notification messages can also be activated, so in case an important event occurs and you are working on something else, the program can send, on its own, an e-mail to keep you posted.

The supported methods for decrypting and getting back the needed data consist of dictionary, mask and length attacks. Elcomsoft Distributed Password Recovery manages to put up a strong performance and through an innovative approach it allows anyone to profit from an advanced technology, even if could do with a more refined look and some extra customization features. Elcomsoft Distributed Password Recovery. Aug 14th, Demo. A powerful solution that aims to provide an easy to use means of recovering lost passwords without having to spend too much time on the job.